In this post the word “best” gets thrown around a lot. We’ll start with a quick examination of a classic textbook definition of the word for clarity, but first, a note on the importance of context: here, “best” can represent pretty much any means that prevents accidental or intentional disclosure of a password.
The best way for users to store passwords is to use a password manager. A password manager is a software tool that securely stores and manages all of a user’s passwords, so they don’t have to remember them all.
Password managers use strong encryption to protect users’ passwords and are designed to prevent unauthorized access. Users only need to remember one strong master password to access their password manager.
Password managers also typically offer additional security features, such as generating random, strong passwords for new accounts, and checking for password reuse across different websites.
It’s important to choose a reputable password manager that has been independently audited and is known for its security features. Additionally, users should ensure that their master password is strong and not easily guessable, as it is the key to all of their stored passwords.
This is a Rolodex. My parents have one that’s similar, with the plastic cover. They’ve discovered that the most effective way to keep track of the passwords that mean the most to them – banking, shopping, retirement – is through good old-fashioned “fall back to paper”. This works quite well for them, and it provides many of the same “sharing” features between the two of them that modern password managers promise.
There are some potential drawbacks. The house could burn down, and the Rolodex could be lost. Let’s face it, in the grand scheme of things if the house is a total loss, passwords _might_ be incredibly important in the moment for a few things… but for the most part my ‘rents can rely on the password reset functions well enough. It would, of course, be a good idea to store this in a fire-resistant box, while actually keeping it locked in the safe would be overkill and render it far less useful.